package cn.itcast.work.springsecurity;

import cn.itcast.work.dao.user.UserMapper;
import cn.itcast.work.pojo.User;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.stereotype.Controller;

import java.util.ArrayList;
import java.util.List;

/**
 * * @author: Mao Wanting 2022051602008
 * * @date: 2024/12/16
 * *description:SpringSecurity安全框架配置
 **/
@Slf4j
@Configuration
@EnableWebSecurity
public class SecurityConfig {


    //添加自定义的安全过滤链
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

        log.info("[SpringSecurity]:安全过滤链");

        http.csrf(AbstractHttpConfigurer::disable);


        //设置两个用户，用户和管理员
        http.authorizeHttpRequests(
                authorize -> authorize
                        .requestMatchers(
                                "/css/**", "/fonts/**", "/iconfont/**", "/images/**", "/js/**", "/languages/**", "/lib/**", "/plugins/**",//释放所有静态资源
                                "/", "/index", "/blog/intoMain", "/system/showMain",//首页
                                "blog/intoLogin", "blog/Login",//登录
                                "/blog/intoCode",//代码编辑
                                "/blog/compile",
                                "/blog/register","/blog/intoRegister",//注册
                                "/content/showClass",//首页分类文章
                                "/system/showPutText",//首页推送文章
                                "/system/searchText", //首页搜索功能
                                "/system/showUser",//首页推送作者
                                "/blog/showContent2", "/blog/showMarkdown",//显示文章
                                "/content/intoOther",//显示其他用户信息
                                "/CategoryController/selectCategory"//搜索收藏夹
                        ).permitAll()
                        .requestMatchers("/system/door",//进入管理员后台
                                "/system/check",//审核文章
                                "/system/putText",//推送文章
                                "/system/putUser"//推送用户
                        ).hasAnyAuthority("ROLE_ADMIN")
                        .anyRequest().authenticated()

        );

        http.formLogin(
                form -> form.loginPage("/blog/intoLogin").permitAll()//自定义登录页url
                        .loginProcessingUrl("/blog/Login")//自定义登录处理url
                        .defaultSuccessUrl("/blog/intoMain")
        );

        http.logout(
                logout -> logout.logoutUrl("/blog/loginOut")
                        .logoutSuccessUrl("/blog/intoMain")
        );


        return http.build();
    }

    //加密器
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }


    //设置认证管理中心
    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }

}
